Tag: Cybersecurity

Most organizations recognize the dangers posed by weak passwords and have implemented policies requiring users to follow password best practices. Enforcing those policies can be a challenge, however. Faced with a mind-boggling number of passwords to remember, users tend to use the same credentials for most or all applications, or simplify passwords to the point that they’re easy to...

In our last post, we discussed the importance of incident response in minimizing the cost of a data breach. Costs rise the longer it takes to identify a security event and mitigate the damage. An incident response plan creates a detailed process that speeds detection and resolution. Identification of an incident is not as straightforward as you might think....

Data breaches are enormously expensive. According to data from the Ponemon Institute’s 2017 Cost of Data Breach Study, organizations paid $3.62 million on average to recover from security incidents in which sensitive data was compromised. That represents a 10 percent decline from the 2016 results — the first overall decrease in the history of the global study. Nevertheless, organizations...

Organizations face an increasing number of cybersecurity threats, taxing the ability of IT teams to protect their systems and networks. An understanding of the most common threats and sources of compromise enables them to focus their efforts and increase the odds of preventing a security breach. To that end, the SANS Institute conducted a survey of more than 250...

Identity and access management (IAM) has become the front line of security. To reduce the risk of data leaks and security incidents, organizations must ensure that only the right individuals have the right level of access to the right resources. IAM plays a particularly critical role in preventing the insider threats that pose the greatest security risk. One of...

The European Union (EU) General Data Protection Regulation (GDPR) places strict new security and privacy requirements on any data related to persons living in the EU. In documenting and managing such data, organizations should not overlook physical access control systems. As we noted in a previous post, physical security typically falls under the purview of a Chief Security Officer...

Though technology is typically viewed as a cost-saving and paper-reducing tool in the healthcare industry, there has been an increased emphasis on using technology to improve patient care and the overall patient experience. Federal law has mandated that healthcare organizations demonstrate “meaningful use” of electronic health records (EHRs) to better engage with patients and their families, coordinate care, and...

Enterprise asset management (EAM) is generally used to reduce the operational and maintenance costs of corporate assets. By more effectively coordinating the maintenance of manufacturing plants, vehicle fleets, oil and gas pipelines, and other infrastructure, EAM can also help minimize costly service disruptions. However, the value of EAM can extend beyond the bottom line by enabling organizations to more...

The National Institute of Standards and Technology (NIST) is updating its Cybersecurity Framework, as we reported in a previous post. Designed to provide a “prioritized, flexible, repeatable, performance-based and cost-effective approach” to managing cybersecurity, the framework has seen broad adoption by organizations worldwide. NIST issued a draft of version 2.0 in January 2017, incorporating feedback received since the original...

Each of us has multiple identities — personal, consumer, business-related, etc. To his family, a man might simply be “Sam,” but to his employer, Sam is a complex array of user IDs, passwords, and access privileges. Identity and access management (IAM) provides a disciplined approach for the creation, maintenance, and use of those digital identities. It integrates business processes...